httputil: Header normalization behaves oddly for "ß" #2043
Comments
|
Ah, interesting. The special character in question here is the German letter ß, whose capital form is the two-letter sequence "SS". This makes python3 's HTTP header names are (practically speaking) limited to ascii-only, so one option is to raise an error if we are given a non-ascii header name. Or we could normalize the headers to lowercase instead of title case (the use of title case is mainly an aesthetic preference, although I think there are some non-compliant clients in the wild that expect title case in HTTP/1. HTTP/2 has mandated lowercase for all headers). Or we could use an ascii-only capitalization filter (although unless we write it in C we may not be able to match the speed of the built-in |
bdarnell
changed the title
|
A ASCII only capitalize is as simple as: If not already the case, Tornado should raise a BAD REQUEST (400) if any header name contains non-ISO8859-1 data - but |
|
Using Anyway, as I said before I think it's better to just raise an error for anything non-ascii than to try and be smarter about capitalization for certain characters in iso-8859-1. However, there's another option that may be even better: just lowercase everything and don't try to capitalize the first letters of words at all. This is what HTTP/2 does and I think it makes more sense to evolve in that direction instead of maintaining capitalization patterns that were traditional with HTTP/1. The only problem is that is a visible change that may have unforeseen consequences. |
|
I still like the capitalization. |
Hi.
We fuzzy tested our application and discovered a problem with the normalization of header keys.
If a header key contains special characters, the re-normalization of the key cause problems in certain cases.
I am attaching the code that helps you to reproduce the problems.
bug.py.txt
The text was updated successfully, but these errors were encountered: